Client Application Services - Part 2: ASP Alliance

Print Add To Favorites Email To Friend Rate This Article
Client Application Services - Part 2

page 6 of 10

by Bilal Haidar
Feedback

Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 44054/ 83

Article Contents:

Disable offline mode

So far, we have been explaining how to enable Client Application Services for live connection with the remote authentication and role providers. In the last section of this article, we will show how to configure an application to make use of offline mode which allows your application to authenticate users by accessing a cache of the credentials information stored locally on the application’s machine.

For the time being, you still need to do some configurations on your application to make it work with a none-offline mode. To do so, access the Advanced button located on the Services tab. Once the Advanced button is clicked, a popup windows pops up as shown in Figure 3.

Figure 3: Advanced settings form

To disable offline mode, make sure to uncheck all the checkboxes and to set the Role service cache timeout to 0, without this value you will not be able to retrieve roles-related information for the user. In the next article we will see how to enable offline mode for your application.

« (Page 5)

View Entire Article

(Page 7) »

User Comments

Title: Continuing last comment
Name: Krishna Vedula
Date: 2010-04-04 7:22:11 PM
Comment:
Hello Bilal

Looks like there is a limit on the length of the comment. So, here are my details

Krishna Vedula
krishna@ntc-us.com

Title: How to pass the user context back to server
Name: Krishna J Vedul
Date: 2010-04-04 7:21:12 PM
Comment:
Hello Bilal,

Great Series of articles going in depth in to each of the security topics. I found this very helpful. This helped me get a general direction for the project I am working on currently. However, I have come across a road-block in all articles related to Client Application Services across many sites and was not able to get much help in that regard.

What I am trying exactly is to have the same Authentication framework for my Web front-end as well as the Web interface. With Client Application Services, I am able to get that as explained by you clearly. I also get the roles of the user, so I control what to show and what not to show. Great so far.

I am going to the next level, where my Desktop application is connecting back to the same server (that server the authentication as well as web-content) to get some data. Here I have created some facades (aspx) to parse the request data and send the response as XML. I am able to use the same business objects with some custom aspx files for xml transformation. But, I am getting an error in the business layer if I put any security role restrictions.

How do I pass the Thread.CurrentPrincipal.Identity which has all the roles back to through the web request so that the security framework on the server would not throw any execptions.

a) Code I am using to create a request on the client is

HttpWebRequest req = (HttpWebRequest)WebRequest.Create(@"http://localhost:55555/AppServices/GetAdminData.aspx");
req.Method = WebRequestMethods.Http.Post;

b) Security Permissions on the server are like

[PrincipalPermissionAttribute(SecurityAction.Demand, Role="admin")]
public void ProcessRequest()
{

If I could pass all the cookies that come from user authentication back to server as part of the request, then I woudl get over the problem. But with Membership.ValidateUser I do not get any cookies. Then how do I pass them?

The SaveUserSettings seems to send the user

Title: Good Article
Name: Adron
Date: 2008-10-20 12:07:25 AM
Comment:
Good write up. I'm working through multiple scenarios right now with this, so it is interesting to read and helpful.

Thx.